Conversation Re: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365 in Security, Privacy & Compliancehttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152771#M946
Great to hear! Really interesting? Will be this add-on in future a replacement for Junk button in Outlook?Tue, 06 Feb 2018 11:26:36 GMTPetr Vlk2018-02-06T11:26:36ZEnhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152591#M945
<P>Office 365 Advanced Threat Protection (ATP) secures more end users in Office 365 than all our competitors combined and can block &gt;99.9% of malware.&nbsp; To pair with these protection capabilities of ATP, customers have also asked for greater visibility into their environment. Today we’re excited to announce enhancements to Office 365 ATP addressing this customer need.</P>
<P><STRONG>&nbsp;</STRONG></P>
<P><STRONG>Reporting Enhancements for Office ATP Admins</STRONG></P>
<P>For admins, it is critical to have threat information quickly and also representative of the latest impact of threats to the organization.&nbsp; One of our enhancements to Office 365 ATP reporting is that new threat information will be offered in near real-time, viewed in an updated UI.&nbsp; Threat information in the reports will update in minutes, providing the latest threat details across your Office 365 environment.&nbsp; In addition to faster reporting updates, we’re also excited to launch four new types of reports which help improve the admin experience and provide crucial data on threats impacting your Office 365 environment.&nbsp;</P>
<P>&nbsp;</P>
<UL>
<LI><STRONG>User-reported</STRONG> – this report shows admins all the emails that end-users submit to Microsoft using the “Report Message’ add-in that we describe further below. The report also provides filtering by the email threat category selected by the user&nbsp;<span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Figure 1. User Reported View" style="width: 999px;"><img src="https://gxcuf89792.i.lithium.com/t5/image/serverpage/image-id/28026i71F260A94B8885FE/image-size/large?v=1.0&amp;px=999" title="Debraj1.png" alt="Figure 1. User Reported View" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Figure 1. User Reported View</span></span></LI>
</UL>
<P>&nbsp;</P>
<UL>
<LI><STRONG>Phish </STRONG>– this report shows all the emails that are categorized as phishing emails by the advanced machine learning models, impersonation and spoofing protection technology within ATP. The reporting metadata includes delivery status, and details regarding the attachment, header and body for these emails&nbsp;<span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Figure 2. Phish View" style="width: 999px;"><img src="https://gxcuf89792.i.lithium.com/t5/image/serverpage/image-id/28027iDAF115B72F67E7BC/image-size/large?v=1.0&amp;px=999" title="Debraj2.png" alt="Figure 2. Phish View" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Figure 2. Phish View</span></span></LI>
</UL>
<P>&nbsp;</P>
<UL>
<LI><STRONG>Content Malware</STRONG> – earlier this month, we <A href="https://techcommunity.microsoft.com/t5/Security-Privacy-Compliance/GA-of-Office-365-Advanced-Threat-Protection-for-SharePoint/m-p/134296#M834" target="_blank">expanded ATP coverage</A> for SharePoint Online, OneDrive for Business, and Microsoft Teams. The content malware report provides information on malware that is detected and blocked in these services.&nbsp;<span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Figure 3. Content Malware View" style="width: 999px;"><img src="https://gxcuf89792.i.lithium.com/t5/image/serverpage/image-id/28028iB0E9DBA45C5B7196/image-size/large?v=1.0&amp;px=999" title="Debraj3.png" alt="Figure 3. Content Malware View" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Figure 3. Content Malware View</span></span></LI>
</UL>
<P>&nbsp;</P>
<UL>
<LI><STRONG>Malware -- </STRONG>These new reports offer admins greater visibility and detail into the protection status of their tenant.&nbsp; This added visibility tightens security for organizations, as admins can make confident policy and configuration updates to help reduce impact from the latest threats.</LI>
</UL>
<P>&nbsp;</P>
<P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Figure 4. Malware View" style="width: 999px;"><img src="https://gxcuf89792.i.lithium.com/t5/image/serverpage/image-id/28029i6B12AD00AF743F2F/image-size/large?v=1.0&amp;px=999" title="Debraj4.png" alt="Figure 4. Malware View" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Figure 4. Malware View</span></span></P>
<P>&nbsp;</P>
<P><STRONG>Reporting Suspicious Messages for EOP/Office ATP Users</STRONG></P>
<P>Many of our customers now train end-users to spot suspicious emails.&nbsp; It is important to offer end-users an easy way to report suspicious emails that their security teams can analyze and quickly assess. The ‘Report message’ add-in makes this very easy for customers.&nbsp; To activate the add-in, follow these <A href="https://support.office.com/en-us/article/Enable-the-Report-Message-add-in-4250c4bc-6102-420b-9e0a-a95064837676." target="_blank">instructions</A>. End-users can report suspicious emails directly to Microsoft so that we can quickly update and enhance our protection capabilities.&nbsp; Emails can be reported as either ‘junk’ or ‘Phish’. Additionally, this feature is coupled with the powerful ‘User-Reported’ view.&nbsp; Now admins have visibility into emails that users consider suspicious.&nbsp; This visibility is crucial and enables admins to understand:</P>
<P>&nbsp;</P>
<UL>
<LI>The variety and volume of threats potentially missed</LI>
<LI>Which emails to immediately quarantine</LI>
<LI>If end-user training is effective and which users may need further training(with tools like Office 365 Threat Intelligence’s new Attack Simulator feature)</LI>
<LI>That Microsoft directly receives potentially malicious messages and rapidly broadens its scope of protection with near real-time user feedback</LI>
</UL>
<P>&nbsp;</P>
<P>Ultimately, greater telemetry strengthens the ability to mitigate threats.&nbsp; With the new ‘Report Message’ add-in, Microsoft has enabled near real-time access to threats, leveraging the scale of our customers end-users broadening our telemetry and improving the protection of Office 365.&nbsp;</P>
<P>&nbsp;</P>
<P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Debraj5.png" style="width: 999px;"><img src="https://gxcuf89792.i.lithium.com/t5/image/serverpage/image-id/28030i5E746C935BCC1C09/image-size/large?v=1.0&amp;px=999" title="Debraj5.png" alt="Debraj5.png" /></span></P>
<P>&nbsp;</P>
<P><STRONG>Send Us Your Feedback</STRONG></P>
<P>We look forward to your feedback once you experience the new ‘Report Message’ add-in and the updates to ATP reporting.&nbsp; Your valuable feedback enables us to continue improving and adding features that support the goal of making ATP the premiere advanced security service for Office 365.&nbsp; If you have not tried Office 365 Advanced Threat Protection for your organization yet, you should begin a free <A href="https://products.office.com/en-us/business/office-365-enterprise-e5-business-software" target="_blank">Office 365 E5 trial</A> today and start securing your organization from today’s most sophisticated threats.</P>
<P>&nbsp;</P>
<P>&nbsp;</P>Mon, 05 Feb 2018 21:31:54 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152591#M945Debraj Ghosh2018-02-05T21:31:54ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152771#M946
Great to hear! Really interesting? Will be this add-on in future a replacement for Junk button in Outlook?Tue, 06 Feb 2018 11:26:36 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152771#M946Petr Vlk2018-02-06T11:26:36ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152867#M947
<P>We often report messages from shared mailboxes that receive junk \ phishing email but it looks like the new report message add-in does not work for this situation with attached error message.&nbsp; Is there a way to enable the feature for this situation?&nbsp;&nbsp; Otherwise we are really looking forward to using this feature in our organization.</P>Tue, 06 Feb 2018 15:20:34 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152867#M947Gary Moldenhauer2018-02-06T15:20:34ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152909#M948
<P>No.&nbsp; You will still have the junk mail folder.&nbsp; This is in the event your end user believes and email that lands in the inbox should have been something that landed in junk.</P>Tue, 06 Feb 2018 16:33:58 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152909#M948Debraj Ghosh2018-02-06T16:33:58ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152914#M949
<P>I think the question was will this new add-in replace Microsoft's previous one located here?&nbsp; Which I'm wondering about as well. </P>
<P>&nbsp;</P>
<P><A href="https://www.microsoft.com/en-us/download/details.aspx?id=18275" target="_blank">https://www.microsoft.com/en-us/download/details.aspx?id=18275</A></P>Tue, 06 Feb 2018 16:40:27 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/152914#M949Gary Moldenhauer2018-02-06T16:40:27ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/158237#M974
<P>Do all of these features - including the real-time reports and the '<SPAN>Report message’ add-in&nbsp;- require E5 licensing?</SPAN></P>Tue, 13 Feb 2018 23:22:53 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/158237#M974Tony Derricott2018-02-13T23:22:53ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/158333#M976
<P>Hi Tony,</P>
<P>&nbsp;</P>
<P>The ATP real time reports are available with a Standalone ATP license or with an Office 365 E5 license.&nbsp; The 'Report Message' is for any Office 365 license.&nbsp; Thanks.</P>Wed, 14 Feb 2018 08:14:51 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/158333#M976Debraj Ghosh2018-02-14T08:14:51ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/162875#M1026
<P>On the following page about how to "Use the Report Message add-in"&nbsp; "<A href="https://support.office.com/en-us/article/use-the-report-message-add-in-b5caa9f1-cdf3-4443-af8c-ff724ea719d2?ui=en-US&amp;rs=en-US&amp;ad=US" target="_blank">https://support.office.com/en-us/article/use-the-report-message-add-in-b5caa9f1-cdf3-4443-af8c-ff724ea719d2?ui=en-US&amp;rs=en-US&amp;ad=US</A>" towards the bottom under "tips" it states "If you're using an Exchange server email account, your Exchange administrator may have chosen one of these settings for you. If so, you can't reset the option yourself." - to me this implies we the administrators are able to control the settings for options in the report message add-in.&nbsp; But I'm not able to find any instructions or information on how I would configure this and force options for our users which we would like to do in our environment.&nbsp; Is this actually possible or if not, something that could be added at some point?&nbsp; </P>
<H1 class="">&nbsp;</H1>Thu, 22 Feb 2018 14:10:50 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/162875#M1026Gary Moldenhauer2018-02-22T14:10:50ZRE: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/163370#M1027
Is Microsoft going to be analyzing the reported phishing emails and
getting back to the users whether they are legitimate or not?Thu, 22 Feb 2018 22:11:54 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/163370#M1027Jordan Moore2018-02-22T22:11:54ZRe: RE: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/163496#M1028
<P>No.&nbsp; We're working on a way to actually provide a response to customers, but that is not available yet.</P>Fri, 23 Feb 2018 00:53:45 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/163496#M1028Debraj Ghosh2018-02-23T00:53:45ZRe: RE: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/163720#M1029
<P>Can you link us to a roadmap entry so that we can track availability?</P>Fri, 23 Feb 2018 15:04:57 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/163720#M1029Tony Derricott2018-02-23T15:04:57ZRe: RE: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/165567#M1037
<P>Hi Tony,</P>
<P>&nbsp;</P>
<P>Apologies.&nbsp; I am not sure why this was left off the message center post.&nbsp; There is no roadmap item attributed to the add-in.&nbsp; However, for the reports, the roadmap entry is called: "<SPAN>Office 365 ATP Enhanced Reporting</SPAN>".&nbsp; Thank you.</P>Tue, 27 Feb 2018 01:53:58 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/165567#M1037Debraj Ghosh2018-02-27T01:53:58ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/166569#M1054
<P>Will the Report Message add-in provide options to submit malicious URL's not detected by SafeLinks?</P>Wed, 28 Feb 2018 23:34:17 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/166569#M1054Vinny Mistry2018-02-28T23:34:17ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/176008#M1127
<P>we have tried to enable Atp real time reports and ended with below error message. Any help</P>Mon, 26 Mar 2018 18:31:13 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/176008#M1127Sankarasubramanian Parameswaran2018-03-26T18:31:13ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/198010#M1260
So am I suppost to down load office 365 trial I also need a good E-mail App.Sun, 27 May 2018 05:29:28 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/198010#M1260William Ross2018-05-27T05:29:28ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/285543#M1678
<P>Is it possible if I, as a tenant admin, can see the reports in my user-reported view submitted by another tenant's user? Like say, if one of my users were impersonated and sent out a phishing email to another user from another organization, and that said user then reports the Phishing email seemingly coming from *my* user, would that appear in my user-reported view?</P>Mon, 12 Nov 2018 20:24:01 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/285543#M1678Kevin Dave Perucho2018-11-12T20:24:01ZRe: Enhancing Security Admin Capabilities and the End User Email Experience for Office 365https://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/353426#M1938
<P>it is possible to identify how may we have submitted from our&nbsp; tenant. if there any options</P>Tue, 19 Feb 2019 17:00:34 GMThttps://techcommunity.microsoft.com/t5/security-privacy-compliance/enhancing-security-admin-capabilities-and-the-end-user-email/m-p/353426#M1938Sankarasubramanian Parameswaran2019-02-19T17:00:34Z